Can automation help us fill the cybersecurity skills gap?

Business's reliance on technology is growing exponentially. The global need for cybersecurity professionals is expanding as a result. However, there's a problem - a severe skills shortage in the cybersecurity industry. Can automation help overcome this gap? And how can humans work alongside automation to reduce the threat posed by cyberattacks?

Skills shortage intensifying

There are thought to be almost three million unfilled cybersecurity positions around the world, despite efforts by major nations to upskill their workforces, encourage cybersecurity education, and reskill existing professionals.

In the UK, the government recently announced investment in the Cyber Skills Immediate Impact Fund. MP Nigel Adams, minster at the Department for Digital, Culture, Media & Sport explained: “Improving cybersecurity and securing our digital networks also relies on having a skilled and diverse workforce.”

However, the skills shortage is a genuine problem. Businesses and other organisations need to keep their systems protected, while waiting for cybersecurity training programmes to have an impact. So how can they do this?

Can machines help?

Some argue that attempts to train workers to fill the cybersecurity skills gap is doomed to failure. The number of cybersecurity professionals will rise, but it won't rise fast enough. So, what's the alternative to training more humans? Letting technology do more of the work.

Automation and machine learning can help improve cybersecurity in a number of ways:

Monitoring

Analysing logs to spot IT security breaches is a monotonous and thankless task essential to effective cybersecurity. Using automation as part of a business’s intrusion monitoring processes can make the task less burdensome, less prone to human error, and more timely. 

In most companies, server logs aren't even monitored. IT staff simply have too much else to do, resulting in many security-related tasks being left undone. Automation makes it feasible for these typical firms to routinely monitor their logs for security issues, cutting down the amount of human analysis required. Automation can aggregate security data from numerous devices, filter it, compare it to past network traffic patterns, and prioritise security warnings.

The increased use of automation in cybersecurity isn't just due to the conscious choices of IT managers. IT vendors, such as firewall manufacturers, are increasingly integrating intelligent monitoring into their offerings, partly to encourage their customers to upgrade to newer versions. Such security enhancements are also added as a defensive move - helping these vendors stay competitive with rivals that bundle such features into their newer offerings. Regardless of the motivation of vendors, this is good news for firms. It means more inbuilt cybersecurity functions in products & services that were going to be bought anyway.   

Analysis

Machines can also with the more intelligent side of cybersecurity. Robotic Decision Automation (RDA) helps speed up IT security analysis, using machine learning and probability.

When it comes to cybersecurity, RDA is often aided by security-related data-sharing by firms that use the same vendor's security appliances, the same software, or the same multi-tenanted hosted service.

This additional data - gleaned from the aggregated anonymised traffic of multiple customers - allows for more nuanced and accurate security analysis than a single IT administrator could achieve by reviewing their organisation's logs in isolation. Such analysis doesn't just allow past security incidents to be classified more accurately. It may allow systems to be forewarned against future attacks, thanks to the automatic distribution of attack signatures.

Improving staff morale

Machines and technology can do much of the heavy lifting on cybersecurity, freeing IT staff to focus on the elements of their jobs that require human intelligence and ingenuity. This improves morale by eliminating various boring, repetitive, unappreciated tasks that would otherwise be required to deliver solid cybersecurity. 

Automation is part of the solution and part of the problem

Automation isn't just being used by those defending against cyberattacks. It's used by attackers too.

Script kiddies can now perform complex hacks that would once have required programming skills and deep technical knowledge.

Automation will play a vital role in mitigating the impact of the cybersecurity skills gap. That's fitting, as automation helped create that gap in the first place.